<?php

namespace App\Http\Controllers;

class SignController extends Controller
{
//小程序验证签名接口
    public function checkSignature()
    {

        if (isset($_GET['signature']) && isset($_GET['timestamp']) && isset($_GET['nonce']) && isset($_GET['echostr'])) {
            $signature = $_GET['signature'];
            $timestamp = $_GET['timestamp'];
            $nonce = $_GET['nonce'];
            $token = env("SIGN_TOKEN");
            $tmpArr = array($token, $timestamp, $nonce);
            sort($tmpArr, SORT_STRING);
            //1、 将token、timestamp、nonce三个参数进行字典序排序
            $tmpStr = implode($tmpArr);
            //    2、将三个参数字符串拼接成一个字符串进行sha1加密
            $tmpStr = sha1($tmpStr);

            //    3、开发者获得加密后的字符串可与 signature 对比，标识该请求来源于微信
            if ($tmpStr == $signature) {
                return $_GET['echostr'];
            } else {
                return "error";
            }
        }
        return "必要参数未传递";
    }
}
